Home Technology Hacking up a fix for the broken AppleTalk kernel module in Linux...

Hacking up a fix for the broken AppleTalk kernel module in Linux 5.1 and more moderen

I modified into as soon as taking a look for at without a doubt one of my classic Macs about a weeks ago, and noticed that my Ubuntu 18.04 netatalk server wasn’t exhibiting up in the Chooser anymore. In the occasion you’re no longer conversant in netatalk, it’s an implementation of Apple Submitting Protocol (AFP) that runs on Unix-love working programs reminiscent of Linux and NetBSD. It lets in varied working programs to act as Mac file servers. Version 2.x, which I expend, supports the mature AppleTalk protocol. This lets in it to work with if truth be told feeble classic Macs that don’t if truth be told have a TCP/IP stack installed. Assist for AppleTalk modified into as soon as removed in version 3.x, so that’s why I’m aloof using 2.x.

I checked out the server, and noticed that atalkd wasn’t working.

doug@miniserver:~$ ps ax | grep atalkd

3351 pts/0 R+ 0: 00 grep --coloration=auto atalkd

Hmmm….why wouldn’t atalkd be working? I went ahead and tried to restart netatalk:

doug@miniserver:~$ sudo provider netatalk restart

Job for netatalk.provider failed since the preserve a watch on target of exited with error code.

Gaze "systemctl field netatalk.provider" and "journalctl -xe" for little print.

Uh oh! Why obtained’t netatalk birth?

doug@miniserver:~$ systemctl field netatalk.provider

● netatalk.provider

Loaded: loaded (/etc/init.d/netatalk; generated)

Stuffed with life: failed (Outcome: exit-code) since Sat 2020-08-01 10: 29: 36 PDT; 54s ago

Doctors: man:systemd-sysv-generator(8)

Course of: 1320 ExecStart=/etc/init.d/netatalk birth (code=exited, field=1/FAILURE)

Aug 01 10: 29: 36 miniserver systemd[1]: Starting netatalk.provider…

Aug 01 10: 29: 36 miniserver netatalk[1320]: Starting Netatalk services and products (this can steal a while): socket: Cope with family no longer supported by protocol

Aug 01 10: 29: 36 miniserver netatalk[1320]: socket: Cope with family no longer supported by protocol

Aug 01 10: 29: 36 miniserver netatalk[1320]: atalkd: can no longer rating interfaces, exiting.

Aug 01 10: 29: 36 miniserver systemd[1]: netatalk.provider: Control course of exited, code=exited field=1

Aug 01 10: 29: 36 miniserver systemd[1]: netatalk.provider: Failed with consequence 'exit-code'.

Aug 01 10: 29: 36 miniserver systemd[1]: Failed to birth netatalk.provider.

This setup had been working endlessly. What may perchance probably perchance have probably modified? I modified into as soon as retaining as a lot as this level with all of my Ubuntu updates. I had already desired to manually patch the netatalk binary attributable to yet one more worm. Perhaps I desired to reapply the patch? But no, the netatalk binary hadn’t been as a lot as this level. That wasn’t it.

I attempted some Googling and noticed that no longer too lengthy ago AppleTalk had been patched so that you just may perchance probably perchance probably probably also’t assemble raw sockets without the CAP_NET_RAW ability, so I fiddled with setcap to dwelling that ability on the atalkd binary, but that didn’t seem to repair anything else, so I undid the total ability adjustments I tested.

After further experimentation, I noticed that the appletalk kernel module wasn’t being loaded:

doug@miniserver:~$ lsmod | grep appletalk

doug@miniserver:~$

Naturally, I attempted to load it myself:

doug@miniserver:~$ sudo modprobe appletalk

modprobe: ERROR: also can no longer insert 'appletalk': Can't allocate memory

Aha! There’s the particular field. Why can’t it allocate memory? I wondered if it modified into as soon as something explicit to this explicit machine. To take a look at my view, I headed over to my desktop Linux machine and ran the identical modprobe expose. It failed with the particular identical error.

At this level after making an try to dangle more be taught, I gave up for a while because I had more essential stuff to anguish about. It’s roughly tough to search files about this way of field, because no longer steadily anyone is using the AppleTalk networking layer in Linux anymore. “There are dozens of us!”

I eventually came serve and did some more troubleshooting. Since I knew it had labored earlier than, I attempted putting in varied kernel variations in a VM. Certain enough, Ubuntu’s 5.0.0 kernel labored horny. So this modified into as soon as certainly a kernel anguish if I wasn’t already contented.

Next, I attempted a bunch of upstream kernel variations. I narrowed the topic down to in the future between kernels 5.0 and 5.1-rc1. Then I ran a git bisect between those variations, following the directions on the Ubuntu wiki for bisecting upstream kernels. I moreover feeble “assemble localmodconfig” (followed by enabling appletalk in “assemble menuconfig”) to bustle up the compile course of after I noticed that many of the compile time modified into as soon as being spent building kernel modules that I wouldn’t be loading anyway.

The bisect course of took rather a while. I doubtlessly may want to have realized a methodology to automate it with qemu using a approach reminiscent of the one feeble in this pleasing blog post. But on the factitious hand, it will definitely settled on this commit from March 2019 being the birth of the topic:

[6377f787aeb945cae7abbb6474798de129e1f3ac] appletalk: Fix expend-after-free in atalk_proc_exit

This commit merely does a higher job of checking return values of the functions referred to as by atalk_init, and cleaning up successfully in the occasion that they fail. In explicit, the return values of those functions, that were previously unnoticed, on the second are checked to assemble certain they succeed:

  • sock_register
  • register_netdevice_notifier
  • atalk_proc_init
  • atalk_register_sysctl

Extra inspection revealed atalk_proc_init because the particular culprit. A refactor of atalk_proc_init, which happens to be the outdated decide to the one linked above, accidentally left the code in a enlighten where it would return -ENOMEM rather than 0 on success. So it constantly returns -ENOMEM, without reference to success or failure. This explains the “Can’t allocate memory” error being reported when I attempted to insert the appletalk module.

Armed with this files, I did something if truth be told disgusting. I made a duplicate of the kernel module in /tmp and hacked it by tweaking bytes in a hex editor. A disassembly of atalk_proc_init finds a line of code that hundreds a value of 0xFFFFFFF4 (-12) into the EAX register proper earlier than it exits. ENOMEM is outlined as 12. So right here is the line that’s inflicting it to attain serve -ENOMEM. I merely hacked this line to load 0 into EAX as a substitute. This generally leaves the common sense working the identical methodology it feeble to work earlier than the two aforementioned patches were applied, since the return value modified into as soon as previously being unnoticed anyway.

Earlier than:

294:   b8 f4 ff ff ff          mov $0xfffffff4,%eax

After:

294:   b8 00 00 00 00          mov $0x0,%eax

This hack by itself didn’t clear up the topic:

doug@miniserver:~$ sudo insmod /tmp/appletalk.ko

insmod: ERROR: also can no longer insert module /tmp/appletalk.ko: Key modified into as soon as rejected by provider

The topic right here is that Ubuntu’s kernel modules are signed. After hacking the binary, it now no longer matched its signature. That is a trademark of proper how grotesque my hack is. So I did something even uglier: I stripped the signature out of the module fully:

doug@miniserver:~$ strip --strip-debug /tmp/appletalk.ko

Then, I attempted loading it again:

doug@miniserver:~$ sudo insmod /tmp/appletalk.ko

doug@miniserver:~$

Success! My dmesg log experiences an error about a failed signature, thus tainting the kernel:

[ 4479.495054] appletalk: module verification failed: signature and/or required key lacking - tainting kernel

But this doesn’t topic for my applications. netatalk works now:

doug@miniserver:~$ sudo provider netatalk restart

doug@miniserver:~$ ps ax | grep atalkd

1698 ? S 0: 00 /usr/sbin/atalkd

1716 pts/0 S+ 0: 00 grep --coloration=auto atalkd

Now I’m able to store the hacked version of the module in the upright subdirectory in /lib/modules, and every thing works automatically when I reboot. Yay!

That is a extremely grotesque fix even supposing. Each time I enhance my kernel, I’m going to must manually patch it. That is, till the patch hits the mainline kernel, after which I’m able to hope that Ubuntu pulls the fix into their kernel. The plan I’m documenting the binary patch right here is because realistically, it’s going to steal endlessly for the kernel fix to rating released. I if truth be told have not any view if this is able to probably perchance probably be that you just may perchance probably perchance probably probably also mumble to convince Ubuntu to drag this fix into their kernels as soon as it’s released. It’s no longer a high-priority worm fix because no person makes expend of AppleTalk anymore. And I don’t want to restrict myself to an feeble kernel proper for this silly plan.

So step one right here is to publish the patch to the linux-netdev mailing record, and rating the fix merged into the mainline kernel. I searched the mailing record, and came across that I wasn’t the major one to maneuver into this worm. Essentially, two separate folks have both tried to repair it, but had their patches rejected for minor causes:

  • [PATCH] bag/appletalk: restore success case for atalk_proc_init()
    • In this case, somebody submitted a patch 10 months ago and modified into as soon as requested to tweak the patch. Then lifestyles got in the methodology (I utterly understand), and he eventually tried again about 9 months later:
    • [PATCH v2] bag/appletalk: restore success case for atalk_proc_init()
    • He modified into as soon as moreover requested to tweak the second patch attributable to a minor style anguish (which I moreover understand). A third strive at submitting the patch hasn’t been attempted as of this writing.
  • [PATCH 1/2] appletalk: Fix atalk_proc_init return direction
    • That is a more moderen strive from somebody else, about a week and a half of ago as of this writing. The author submitted this fix along with yet one more unrelated AppleTalk patch, and the patch dwelling modified into as soon as rejected for quite quite lots of minor points (moreover understandable). A second version hasn’t been submitted as of this writing.

Obviously no longer too many of us are using the appletalk kernel module on the second, or else folks may perchance probably perchance probably be up in palms about how it has been broken since kernel 5.1. I would provide up my like third strive at getting this patch merged, but since two attempts were made proper final month, I believe without a doubt one of them will succeed quickly. I hope so, anyway. For the time being, I guess I’ll proper continue binary patching my kernel module.

I mumble there’s an even bigger lengthy-time period resolution than this kernel fix. Classic Mac customers who expend netatalk with AppleTalk must be half of forces to address about a issues. netatalk 2.x is useless, but the final commence of it’s miles broken on Linux, as a minimal the AppleTalk section of it — which is the one plan I would aloof expend it. Perhaps we also can merely aloof fork netatalk 2.x? Also, I’m moderately certain the AppleTalk subsystem in the Linux kernel is stuffed with miniature points. It if truth be told works successfully enough for many of us that need netatalk give a seize to, but I realize it’s miles broken in varied systems. Perhaps this project view for a portable userspace AppleTalk stack will dangle some traction going forward. If it ever does, maybe we also can add give a seize to for it in a netatalk fork.

Anyway, I believed it would also very successfully be attention-grabbing to section this troubleshooting lumber and the eventual decision. I proper tested connecting to my Ubuntu 18.04 server from my feeble Mac IIci working System 7.1, and every thing works completely again…till the next kernel enhance, that is!

Read Extra

Most Popular

Jerry Sloan remembered by fellow coaches Don Nelson, Phil Jackson, Lenny Wilkens

4:34 PM ETJackie MacMullanESPN Senior Writer CloseAward-winning columnist and authorRecipient of Basketball Hall of Fame Curt Gowdy Media AwardJoined ESPNBoston.com in 2010Don Nelson, the winningest coach in NBA history, had just finished a stroll on the beach in his beloved Hawai'i on Friday when a reporter informed him that his coaching contemporary Jerry Sloan had…

Nvidia apologizes and removes ‘Did it work’ meme tweet

Nvidia today apologized for publishing a tweet Tuesday which depicts a graphics card with scantily clad legs. The tweet imitating the “Did it work” meme was sent from Nvidia’s GeForce Twitter account, which has over 1 million followers. The tweet was errantly posted and quickly removed, an Nvidia spokesperson told VentureBeat. “We apologize unreservedly. This…

Kamala Harris’ NDA settlement with Terri Carbaugh raises questions

Kamala Harris in 2010. AP Photo/Damian Dovarganes This story is available exclusively to Business Insider subscribers. Become an Insider and start reading now. In 2011, then-California Attorney General Kamala Harris' office paid nearly $35,000 in a mysterious settlement with a top aide who quietly left the office, a document obtained by Insider through a public-records…

The covid-19 pandemic is forcing a rethink in macroeconomics

Editor’s note: Some of our covid-19 coverage is free for readers of The Economist Today, our daily newsletter. For more stories and our pandemic tracker, see our hubIN THE FORM it is known today, macroeconomics began in 1936 with the publication of John Maynard Keynes’s “The General Theory of Employment, Interest and Money”. Its subsequent…